A professional spammer who writes and sells virus-spamming spamware and botnet access. Is probably involved in the writing and releasing of viruses & trojans. One of the longest operating criminal spam-lords on the internet. Works with many other Eastern Euro and US based botnet spammers. Was a partner of American spammer Alan Ralsky.

Department of Justice
Office of Public Affairs
FOR IMMEDIATE RELEASE
Friday, April 21, 2017

Russian National Indicted with Multiple Offenses in Connection with Kelihos Botnet
A federal grand jury in Bridgeport, Connecticut, returned an eight-count indictment yesterday charging a Russian National with multiple offenses stemming from his alleged operation of the Kelihos botnet – a global network of tens of thousands of infected computers, which he allegedly used to facilitate malicious activities including harvesting login credentials, distributing bulk spam e-mails, and installing ransomware and other malicious software.

Acting Assistant Attorney General Kenneth A. Blanco of the Justice Department’s Criminal Division, U.S. Attorney Deirdre M. Daly of the District of Connecticut and Special Agent in Charge Patricia M. Ferrick of the FBI’s New Haven Division made the announcement.

Peter Yuryevich Levashov, 36, aka Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov, of St. Petersburg, Russia, was charged in an indictment returned in the District of Connecticut with one count of causing intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email and one count of aggravated identity theft. The case has been assigned to Judge Robert N. Chatigny in Hartford.

Spanish authorities arrested Levashov in Barcelona on April 7, 2017. The arrest was based upon a criminal complaint and arrest warrant issued in the District of Connecticut on March 24, 2017. Levashov has been detained since his arrest, and the Justice Department is seeking his extradition.

As alleged in the indictment, a “botnet” is a network of computers infected with a malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners. Levashov allegedly controlled and operated the Kelihos botnet to, among other things, harvest personal information and means of identification (including email addresses, usernames and logins, and passwords) from infected computers. To further the scheme, Levashov allegedly disseminated spam and distributed other malware – such as banking Trojans and ransomware, and advertised the Kelihos botnet spam and malware services to others for purchase in order to enrich himself.

The indictment further alleges that during any 24-hour period, the Kelihos botnet was used to generate and distribute more than 2,500 unsolicited spam e-mails that advertised various criminal schemes, including deceptively promoting stocks in order to fraudulently increase their price (so-called “pump-and-dump” stock fraud schemes).

On April 10, 2017, the Justice Department announced that it had taken action to dismantle the Kelihos botnet.

An indictment is merely an allegation, and a defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

The FBI’s New Haven Division and Anchorage Division are investigating the case, with the assistance of the Spanish National Police. Assistant U.S. Attorneys Vanessa Richards and David Huang of the District of Connecticut, with the assistance of Senior Trial Attorneys Anthony Teelucksingh, Ethan Arenson and Harold Chun of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case. The Criminal Division’s Office of International Affairs is handling the extradition in this matter.

The Register of Known Spam Operations (ROKSO) collates information and evidence on entities with a history of spamming or providing spam services, and entities affiliated or otherwise connected with them, for the purpose of assisting ISP Abuse Desks and Law Enforcement Agencies.

The above consists of information in the public domain. The Spamhaus Project makes every effort to avoid errors in information in the ROKSO database, and will correct any errors as soon as it is able to verify the correction, but accepts no responsibility or liability for any errors or omissions, or liability for any loss or damage, consequential or otherwise, incurred in reliance on the material in these pages. The Spamhaus Project makes no warranties or representations as to the accuracy of the Information in ROKSO records. The information in the ROKSO database is for information purposes only and is not intended as legal advice of any kind.

For information on contacting the ROKSO Team regarding any factual errors in this record, see the ROKSO FAQs.